{# SPDX-License-Identifier: Apache-2.0 -#}

{% extends "admin/base.html" %}

{% import "admin/utils/pagination.html" as pagination %}
{% block title %}Malware Reports{% endblock %}

{% block breadcrumb %}
  <li class="breadcrumb-item">
    <a href="{{ request.route_path("admin.observations.list") }}">Observations</a>
  </li>
  <li class="breadcrumb-item">
    <a href="{{ request.route_path("admin.malware_reports.list") }}">Malware Reports</a>
  </li>
  <li class="breadcrumb-item active">Detail View</li>
{% endblock %}

{% block content %}
  <div class="card">
    <div class="card-header">
      <h3 class="card-title">
        Project:
        <a href="{{ request.route_path('admin.project.detail', project_name=report.related.name) }}">
          <code>{{ report.related.name }}</code>
        </a>
      </h3>
    </div>
    <div class="card-body">
      <dl class="row">
        <dt class="col-sm-2">Observation ID</dt>
        <dd class="col-sm-10">
          <code>{{ report.id }}</code>
        </dd>
        <dt class="col-sm-2">Reported By</dt>
        <dd class="col-sm-10">
          <a href="{{ request.route_path('admin.user.detail', username=report.observer.parent.username) }}">{{ report.observer.parent.username }}</a>
          {% if report.observer.parent.is_observer %}<span class="badge badge-info">Observer</span>{% endif %}
        </dd>
        <dt class="col-sm-2">Reported At</dt>
        <dd class="col-sm-10">
          {{ report.created }}
        </dd>
        <dt class="col-sm-2">Reported Via</dt>
        <dd class="col-sm-10">
          {{ report.payload.get("origin") }}
        </dd>
        <dt class="col-sm-2">Summary</dt>
        <dd class="col-sm-10">
          {{ report.summary }}
        </dd>
        <dt class="col-sm-2" title="Help Scout Conversation">HS Convo</dt>
        <dd class="col-sm-10">
          {% if report.additional.get("helpscout_conversation_url") %}
            {% set hs_url = report.additional.helpscout_conversation_url %}
            {% set conversation_id = hs_url.rstrip('/').split('/')[-1] %}
            <a href="https://secure.helpscout.net/conversation/{{ conversation_id }}" target="_blank">
              HelpScout Conversation #{{ conversation_id }}
            </a>
            <button type="button"
                    class="btn btn-sm btn-outline-primary"
                    data-toggle="modal"
                    data-target="#modal-add-helpscout-conversation">Update</button>
          {% else %}
            <button type="button"
                    class="btn btn-sm btn-outline-primary"
                    data-toggle="modal"
                    data-target="#modal-add-helpscout-conversation">Add HelpScout Conversation</button>
          {% endif %}
        </dd>
        {# TODO: Decide how to pretty this up when we have more data #}
        {% if report.actions %}
          <dt class="col-sm-2">Actions</dt>
          <dd class="col-sm-10">
            <ul>
              {% for timestamp, value in report.actions.items() %}<li>{{ timestamp }}: {{ value }}</li>{% endfor %}
            </ul>
          </dd>
        {% endif %}
      </dl>
    </div>
    <div class="card-footer">
      <div class="row">
        <div class="col">
          <button type="button"
                  class="btn btn-block btn-outline-success"
                  data-toggle="modal"
                  data-target="#modal-not-malware">Not Malware</button>
        </div>
        <div class="col">
          <button type="button"
                  class="btn btn-block btn-outline-warning"
                  data-toggle="modal"
                  data-target="#modal-quarantine">Quarantine Project</button>
        </div>
        <div class="col">
          <button type="button"
                  class="btn btn-block btn-outline-danger"
                  data-toggle="modal"
                  data-target="#modal-remove-malware">Remove Malware</button>
        </div>
      </div>
    </div>
    <!-- /.card-footer -->
  </div>
  <div class="card">
    <div class="card-header">
      <small>Inspector is loaded in an iframe. External links may not work.</small>
    </div>
    <div class="card-body">
      <div class="embed-responsive embed-responsive-16by9">
        {# If we can deep-link to the inspector spot, do so #}
        {% if report.payload.get("inspector_url") %}
          {% set inspector_url = report.payload.get("inspector_url") %}
        {% else %}
          {% if report.related %}
            {% set inspector_url = "https://inspector.pypi.io/project/" + report.related.name %}
          {% else %}
            {% set inspector_url = "" %}
          {% endif %}
        {% endif %}
        <iframe class="embed-responsive-item" src="{{ inspector_url }}">
        </iframe>
      </div>
    </div>
  </div>
  <div class="modal fade" id="modal-not-malware">
    <div class="modal-dialog modal-not-malware">
      <form id="not-malware"
            action="{{ request.route_path('admin.malware_reports.detail.verdict_not_malware', observation_id=report.id) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header bg-success">
            <h4 class="modal-title">Confirm Not Malware</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            <p>
              You are confirming that this Malware Observation for <code>{{ report.related.name }}</code>
              is invalid and not malware.
            </p>
            <div class="form-group">
              <label for="reason">Reason</label>
              <textarea name="reason"
                        id="reason"
                        class="form-control"
                        rows="3"
                        placeholder="Enter reason for confirming not malware"></textarea>
            </div>
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-success">Verdict: Not Malware</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
  <div class="modal fade" id="modal-quarantine">
    <div class="modal-dialog modal-quarantine">
      <form id="quarantine"
            action="{{ request.route_path('admin.malware_reports.detail.verdict_quarantine', observation_id=report.id) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header bg-warning">
            <h4 class="modal-title">Quarantine Project</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            <p>
              Confirming that <code>{{ report.related.name }}</code> needs further examination.
            </p>
            <p>
              This will remove the Project from being installable,
              freeze the Owner's account,
              and prohibit the Project from being changed by the Owner.
            </p>
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-warning">Verdict: Quarantine Project</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
  <div class="modal fade" id="modal-remove-malware">
    <div class="modal-dialog modal-remove-malware">
      <form id="remove-malware"
            action="{{ request.route_path('admin.malware_reports.detail.verdict_remove_malware', observation_id=report.id) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header bg-danger">
            <h4 class="modal-title">Remove Malware</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            {% set project_malware_reports = report.related.observations | selectattr("kind", "equalto", "is_malware") | list %}
            {% set missing_urls = project_malware_reports | selectattr("additional.helpscout_conversation_url", "undefined") | list %}
            {% if missing_urls %}
              <div class="alert alert-warning">
                <i class="fa fa-exclamation-triangle"></i>
                <strong>Action Blocked:</strong> {{ missing_urls | length }} observation(s) for this project are missing HelpScout conversation URLs.
                Please add HelpScout conversation URLs to all observations before removing as malware.
              </div>
              <p>Missing URLs for observations:</p>
              <ul>
                {% for missing_report in missing_urls %}
                  <li>
                    {% if missing_report.id == report.id %}
                      <strong>Observation {{ missing_report.id | string | truncate(8, False, '...') }} - {{ missing_report.created }} (current)</strong>
                    {% else %}
                      <a href="{{ request.route_path('admin.malware_reports.detail', observation_id=missing_report.id) }}">
                        Observation {{ missing_report.id | string | truncate(8, False, '...') }} - {{ missing_report.created }}
                      </a>
                    {% endif %}
                  </li>
                {% endfor %}
              </ul>
            {% else %}
              <p>
                You are confirming that this Malware Observation for <code>{{ report.related.name }}</code>
                is valid and malware.
              </p>
              <p>This will remove the Project, freeze the Owner's account, prohibit the Project name from being reused.</p>
              <div class="form-group col-sm-12">
                <label for="confirm_project_name">
                  Are you sure you want to confirm
                  <strong><code>{{ report.related.name }}</code></strong>
                  <button type="button"
                          class="copy-text"
                          data-copy-text="{{ report.related.name }}">
                    <i class="fa fa-copy" aria-hidden="true"></i>
                  </button>
                  as malware?
                </label>
                <input name="project" type="hidden" value="{{ report.related.name }}">
                <input name="confirm_project_name" id="confirm_project_name" class="form-control" type="text" placeholder="Enter project name to confirm" {{ "disabled" if not request.has_permission(Permissions.AdminProjectsDelete) }} autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false">
              </div>
            {% endif %}
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-danger" {% if missing_urls %}disabled{% endif %}>Verdict: Remove Malware</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
  <div class="modal fade" id="modal-add-helpscout-conversation">
    <div class="modal-dialog modal-add-helpscout-conversation">
      <form id="add-helpscout-conversation"
            action="{{ request.route_path('admin.malware_reports.detail.add_helpscout_conversation', observation_id=report.id) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header">
            <h4 class="modal-title">Add HelpScout Conversation</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            <p>
              Add a HelpScout conversation URL to this Malware Report.
              This will allow you to track the conversation related to this report.
            </p>
            <p>
              Paste either the API URL or the web URL.
            </p>
            <div class="form-group">
              <label for="helpscout_conversation_url">HelpScout Conversation URL</label>
              <input name="helpscout_conversation_url"
                     id="helpscout_conversation_url"
                     class="form-control"
                     type="url"
                     placeholder="Enter HelpScout Conversation URL"
                     value="{{ report.additional.get('helpscout_conversation_url', '') }}"
                     required>
            </div>
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-primary">Save</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
{% endblock %}
